Hi,
I am not hopeful to secure much of anything against the likes of NSA or
GCHQ. However, my curiousity woke up when the latest
NYT/Guardian/ProPublica pieces about NSA/GCHQ/friends compromising much
of Internet encryption were accompanied by graphics like
2013/9/8 Oleg Goldshmidt p...@goldshmidt.org:
Hi,
I am not hopeful to secure much of anything against the likes of NSA or
GCHQ. However, my curiousity woke up when the latest
NYT/Guardian/ProPublica pieces about NSA/GCHQ/friends compromising much
of Internet encryption were accompanied by
I'm only taking a wild guess here. To be clear, I have no inside knowledge
and my guess is probably as good as anyone else's. But if I had to bet this
is where I would put my money.
Either:
1. They have a 0-day against SSH (e.g. if you have ssh running they can
login to your box)
2. They are
2013/9/8 Aviram Jenik avi...@jenik.com:
I'm only taking a wild guess here. To be clear, I have no inside knowledge
and my guess is probably as good as anyone else's. But if I had to bet this
is where I would put my money.
Either:
1. They have a 0-day against SSH (e.g. if you have ssh
The algorithm itself is the least of your worries. In modern cryptography,
key management is the preferred target. With regards to ssh, this means the
key negotiation phase of the protocol handshake. Using your own keys of
reasonable size, and managing them properly, is your best bet for
Aviram Jenik avi...@jenik.com writes:
The question is encryption ABC safe is nowadays a purely academic
question and only academics care about them (no offense Oleg).
None taken[*]. I re-read my post and I see now that I didn't emphasize
that I meant OpenSSH implementation of AES when I wrote